Ftp or Drop box help

W

wolverine_dcp

Expert Member
Joined
Jul 30, 2013
Messages
4,674
Reaction score
26
Hi guys please assist i am looking to create a ftp or dropbox so that i can give someone access to a file with authentication.
So basically i can say here's the link and your username and password please copy the file and once they complete i can remove access or disable their authentication
thanks :D
 
You can easily just add the IIS and then FTP service to a Windows server on your network (or even win7 pc), add AD account for security purposes to the folder (or local account if not in AD environment), publish it over your firewall and then send the guy the link, (which would be ftp://your_external_ip_addrress/ and phone him with the username and password.

Or else just use dropbox, but never used that myself, but sure you can send people a link where they can have access to your files in dropbox
 
1) Please don't use (plain) FTP, since files are transfered in an unencrypted form and can be sniffed by anyone between the client and server.
2) Dropbox is better (files are transfered over HTTPS), but do you trust them with your confidential information?

It is for this exact scenario that I decided to develop my own web-based app. You can upload files and set a password, expiration date and/or limit the number of times that it can be downloaded. It was created as a response to our local services' (e.g. banks) lack of secure communications facilities.

It is written in Python and uses a MongoDB database (developed and tested on Linux). I am planning to release it as free software on GitHub, but there's some polishing to do first. Would you (or anyone) be interested in it?
 
walter_l said:
1) Please don't use (plain) FTP, since files are transfered in an unencrypted form and can be sniffed by anyone between the client and server.
2) Dropbox is better (files are transfered over HTTPS), but do you trust them with your confidential information?

It is for this exact scenario that I decided to develop my own web-based app. You can upload files and set a password, expiration date and/or limit the number of times that it can be downloaded. It was created as a response to our local services' (e.g. banks) lack of secure communications facilities.

It is written in Python and uses a MongoDB database (developed and tested on Linux). I am planning to release it as free software on GitHub, but there's some polishing to do first. Would you (or anyone) be interested in it?
Click to expand...

To be quite honest I think the data is safer in the hands of Dropbox/Onedrive/Google drive. The have all spent millions of dollars securing user's data. You've spent a couple of hours.

If you are referring to the likes of the NSA I can assure you they are not interested in your documents and if the are it will be much easier to get to on your server than the ones I've mentioned.
 
wolverine_dcp said:
Hi guys please assist i am looking to create a ftp or dropbox so that i can give someone access to a file with authentication.
So basically i can say here's the link and your username and password please copy the file and once they complete i can remove access or disable their authentication
thanks :D
Click to expand...

Gooi it in dropbox or Onedrive, right click and say Share, enter an email address and go. Easy as that.
 
Frikkenator said:
To be quite honest I think the data is safer in the hands of Dropbox/Onedrive/Google drive. The have all spent millions of dollars securing user's data. You've spent a couple of hours.

If you are referring to the likes of the NSA I can assure you they are not interested in your documents and if the are it will be much easier to get to on your server than the ones I've mentioned.
Click to expand...

I would beg to differ. Yes, they might spend more money on security, but they are also targeted, proportionally, much more frequently. Nevermind the actual compromises of some of these services in the past. As you've (correctly) implied, I am not interesting enough for my lil' server to be a serious target. Therefore I arguably "need less security" (I cringed as I typed that). I also have (much) less to secure.

The greater consideration, though, is trust:
If you're not paying for it, you're not the customer; you're the product being sold.
Click to expand...
 
walter_l said:
I would beg to differ. Yes, they might spend more money on security, but they are also targeted, proportionally, much more frequently. Nevermind the actual compromises of some of these services in the past. As you've (correctly) implied, I am not interesting enough for my lil' server to be a serious target. Therefore I arguably "need less security" (I cringed as I typed that). I also have (much) less to secure.
Click to expand...

Lol. Fair enough, but security through obscurity is very, very dangerous playground.

walter_l said:
The greater consideration, though, is trust: If you're not paying for it, you're not the customer; you're the product being sold.
Click to expand...

That is a fantastic quote, but not quite applicable to these services. Dropbox offers the free service to entice users onto the paid packages. Google and MS need these to have complete ecosystems where the money is made in other areas. See it as a cost centre for them.
 
Frikkenator said:
Lol. Fair enough, but security through obscurity is very, very dangerous playground.
Click to expand...
Yes, it's dangerous, but "security through obscurity" is not applicable here.



Frikkenator said:
That is a fantastic quote, but not quite applicable to these services. Dropbox offers the free service to entice users onto the paid packages. Google and MS need these to have complete ecosystems where the money is made in other areas. See it as a cost centre for them.
Click to expand...
The quote was meant to describe my trust in especially these big guys: none. The terms and conditions of some of these services are already a cause for concern, and that's only what they are telling us. Basically, I don't trust them to respect my privacy. They might have the more advanced security setup, but I will gladly trade it for my own security (which received considerable attention) in exchange for protection of my privacy. To each his own, I suppose.
 
irBosOtter said:
You can easily just add the IIS and then FTP service to a Windows server on your network (or even win7 pc), add AD account for security purposes to the folder (or local account if not in AD environment), publish it over your firewall and then send the guy the link, (which would be ftp://your_external_ip_addrress/ and phone him with the username and password.

Or else just use dropbox, but never used that myself, but sure you can send people a link where they can have access to your files in dropbox
Click to expand...
Gonna try your suggestion but with Sftp
 
wolverine_dcp said:
Hi guys please assist i am looking to create a ftp or dropbox so that i can give someone access to a file with authentication.
So basically i can say here's the link and your username and password please copy the file and once they complete i can remove access or disable their authentication
thanks :D
Click to expand...


Rather give that person the dropbox information ... that way there's no risk to your domain should something randomly occur or go wrong ... (sometimes things just randomly go wrong ...randomly)...
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X